The MGM cyberattack is crazier than you think.

An international hacker gang named “ALPHV” or “BlackCat” is responsible for the cyber attack on MGM Resorts servers.

The hackers did this by finding MGM’s IT employee on Linkedin. The group then called the MGM’s internal help desk acting as that employee. Pretending to have difficulties with the system, the hackers obtained enough information to gain back-door access into MGM’s servers. This phone call lasted less than 10 minutes.

Once the hackers accessed the server, they compromised that employee's user and administrator account. This allowed them to remove antivirus software, and set up malicious objects, enabling them to deploy the malware.

This malware was detected on MGM servers on Sunday night, September 10th.

“BlackCat” requested MGM to pay an unknown amount of ransom, but MGM refused.

Caesars Entertainment was recently hacked by the same group costing them a whopping 15 million dollars of a requested 30 million dollar ransom. Caesars Entertainment cooperated with “BlackCat” hackers resulting in uninterrupted business.

Immediately following the ransom request, MGM decided to shut down their systems and switched to manual operations.

Shortly after, the outages at MGM properties began.

On Monday, Sep 11th at 8:27 AM, MGM issued a statement notifying the public of the cyber attack.

19 of MGM properties are affected, including Bellagio, Excalibur, Aria, Luxor, Mandalay Bay, the MGM Grand and New York New York, to name a few.

ATMs, credit card machines, slot machines, guest registrations, hotel check-ins, websites for all properties, rewards apps, and internal systems have all been affected by the attack.

MGM executives reassured it’s employees will get paid on time, however timekeeping and payroll systems are currently affected by this cyber attack.

This chaos means MGM's losing about $13 million every day.

Do you think MGM should have paid the ransom like Caesars Entertainment did? Let me know in the comments.

As of right now, whether or not MGM has paid the requested ransom is unknown, however their servers and systems are still down.

Shocking Twist in the MGM Cyber Attack

On Thursday, September 14th, Caesars Entertainment said in a report to the SEC, that the driver’s license and social security numbers “for a significant number of members” of the Caesars Rewards program, were copied by the cyber attack hackers.

This is the largest loyalty program in the gaming industry with more than 65 million members.

Scattered Spider, a subgroup of the “ALPHV” or “BlackCat” ransomware gang, is now claiming responsibility for the cyber attack on both, Caesars Entertainment and MGM Resorts servers.

“ALPHV” or “BlackCat” is an international hacker gang that provide other “bad actors” a “Ransomware as a Service”, or RaaS, an affiliate hacking program on the dark web.

Watch my last video where I explain exactly how this cyber attack occurred, just 5 days ago.

On Thursday September 14th at 4:59 AM, MGM released a statement that they are still working on resolving this cyber attack issue.

ATMs, credit card machines, slot machines, guest registrations, hotel check-ins, websites for all properties, rewards apps, and internal systems have all been affected by the attack.

MGM executives reassured it’s employees will get paid on time, however timekeeping and payroll systems are currently affected by this cyber attack.

Are you a Caesars Rewards member? Let me know in the comments.

свернуть